github.com/xushiwei/go@v0.0.0-20130601165731-2b9d83f45bc9/src/pkg/crypto/x509/root_unix.go

github.com/xushiwei/go@v0.0.0-20130601165731-2b9d83f45bc9/src/pkg/crypto/x509/root_unix.go (about)

     1  // Copyright 2011 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  // +build freebsd linux openbsd netbsd
     6  
     7  package x509
     8  
     9  import "io/ioutil"
    10  
    11  // Possible certificate files; stop after finding one.
    12  var certFiles = []string{
    13  	"/etc/ssl/certs/ca-certificates.crt",     // Linux etc
    14  	"/etc/pki/tls/certs/ca-bundle.crt",       // Fedora/RHEL
    15  	"/etc/ssl/ca-bundle.pem",                 // OpenSUSE
    16  	"/etc/ssl/cert.pem",                      // OpenBSD
    17  	"/usr/local/share/certs/ca-root-nss.crt", // FreeBSD
    18  }
    19  
    20  func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
    21  	return nil, nil
    22  }
    23  
    24  func initSystemRoots() {
    25  	roots := NewCertPool()
    26  	for _, file := range certFiles {
    27  		data, err := ioutil.ReadFile(file)
    28  		if err == nil {
    29  			roots.AppendCertsFromPEM(data)
    30  			systemRoots = roots
    31  			return
    32  		}
    33  	}
    34  
    35  	// All of the files failed to load. systemRoots will be nil which will
    36  	// trigger a specific error at verification time.
    37  }